Malware Detection with Subspace Learning-based One-Class Classification
Jun 05, 2024
Published in: IEEE Access
Detecting malware is crucial for ensuring the security of computer systems. Traditional machine learning models face challenges in effectively detecting malware, mainly due to the class imbalance problem, where the number of malware samples is significantly smaller than that of non-malware samples. Additionally, malware’s dynamic and evolving nature, continuously altering its structure and tactics, presents a substantial challenge for conventional artificial intelligence algorithms, further complicating the detection task. In pursuing an optimized malware detection technique, researchers initially explored traditional machine learning algorithms, focusing on the features of Portable Executable (PE) file headers. However, the inherent issues, such as imbalanced datasets and the deceptive nature of malware, have raised concerns about the credibility of the attained results. This can result in misclassifying malware as non-malware, leading to security vulnerabilities. One-Class Classification (OCC) methods have emerged as a promising approach to improve the detection of unknown malware. However, traditional OCC approaches face the challenge of the curse of dimensionality. This research proposes adapting subspace learning-based OCC methods to overcome the curse of dimensionality and effectively handle the class imbalance problem. We propose a pipeline for detecting malware using methods that jointly optimize a subspace and data description for OCC. We evaluate the performance of various one-class classifiers on three different datasets. We observed that the subspace-learning-based OCC is a promising approach. Evaluating various classifiers on three datasets reveals promising results, with a True Positive Rate (TPR) of 100% for subspace-learning-based OCC. The proposed pipeline can serve as a valuable tool for improving the security of computer systems by accurately detecting malware and protecting against potential attacks.